CYBER SECURITY – WEEKLY REPORT (SEPT 20, 2017)

Reports last week showed that hackers have had massive success in infecting and penetrating millions of systems, thus gaining access to enormous data ranging from personal details to stock exchange filings. CCleaner, an extremely popular cleaning software tool, had been infected with a malware affecting millions of users. The tool was reportedly downloaded by more than 50 million Android users. The problem was only spotted in August and fixed last week.

In another attack, hackers penetrated the US Securities and Exchange Commission (SEC)’s electronic system for storing public-company filings last year and may have traded using this valuable information. Its Chairman Jay Clayton said they were investigating the source of the hack, which exploited a software vulnerability in a part of the agency’s Edgar system. It may be recalled that the SEC sued in December three Chinese traders who allegedly earned more than $ 4 million in illegal gains after they stole information from the computer systems of Wall Street banks and Fortune 500 companies.

Additional details have come in the recent attack on Equifax systems, a background checking agency. The company’s investigations showed that hackers roamed undetected in its computer network for more than four months since March, before its security team uncovered massive data breach affecting 143 million Americans.

Meanwhile, Vietnam joined China and other countries which forced social network sites like Facebook to remove information that violated the countries’ laws and provide identities of people behind such postings. While Facebook said its policies in Vietnam are consistent with those practiced elsewhere to report illegal content, Hanoi stated that the company agreed to help create a new communications channel with the government to prioritize its requests and remove what the regime considered inaccurate posts.

CYBER-CRIME

CCleaner:Extremely Popular Cyber Security App Infected millions of users with a virus

http://www.independent.co.uk/life-style/gadgets-and-tech/news/ccleaner-latest-updates-antivirus-app-malware-not-know-customers-use-piriform-avast-a7954896.html More than two million people used an extremely popular software cleaning tool that had been infected with malware. CCleaner, which has a high rating on Google Play and has been downloaded by more than 50 million Android users, was compromised “in a sophisticated manner” in August, and the problem was only spotted and fixed in mid-September. It’s also available on Windows and Mac. Piriform, which is owned by Avast and develops the app, has fixed the issues and apologised to users. The malicious code attempted to connect computers with recently registered web domains – a common tool used by hackers to download further malware onto infected computers.

SEC Discloses Edgar Corporate Filing System Was Hacked in 2016

https://www.wsj.com/articles/sec-discloses-edgar-corporate-filing-system-was-hacked-in-2016-1505956552 The top U.S. markets regulator disclosed Wednesday that hackers penetrated its electronic system for storing public-company filings last year and may have traded on the information. The Securities and Exchange Commission’s chairman, Jay Clayton said it was investigating the source of the hack, which exploited a software vulnerability in a part of the agency’s Edgar system, a comprehensive database of filings made by thousands of public companies and other financial firms regulated by the SEC. The SEC in December sued three Chinese traders who allegedly earned more than $4 million in illegal gains after they stole information from the computer systems of Cravath, Swaine & Moore LLP and Weil, Gotshal & Manges LLP, which represent Wall Street banks and Fortune 500 companies.

Hackers Entered Equifax Systems in March

https://www.wsj.com/articles/hackers-entered-equifax-systems-in-march-1505943617 Hackers roamed undetected in Equifax Inc.’s EFX 1.19% computer network for more than four months before its security team uncovered the massive data breach, the security firm FireEye Inc. FEYE -0.93% said this week in a confidential note Equifax sent to some of its customers. FireEye’s Mandiant group, which has been hired by Equifax to investigate the breach, said the first evidence of hackers’ “interaction” with the company occurred on March 10, according to the Mandiant report, which was reviewed by The Wall Street Journal. Equifax had previously disclosed that data belonging to approximately 143 million Americans was potentially accessed in May.

Insurance Grows for Cyberattacks

https://www.wsj.com/articles/insurance-grows-for-cyberattacks-1505700360 Data breaches have helped push more companies to buy stand-alone cyberinsurance policies. One research firm forecasts the global market may reach $14 billion by 2022. The policies are designed to cover financial losses from different kinds of attacks—from theft of data to extortion using ransomware—as well as recouping damages from a tainted reputation and stolen money. Many carriers are also trying to distinguish themselves by offering tools and services to help firms respond quickly to cyberattacks or prevent them.

Cyberinsurers Look to Measure Risk

https://www.wsj.com/articles/cyberinsurers-look-to-measure-risk-1505700301 Insurers and ratings companies have come up with a way of measuring risk factors in whether a company will be targeted by cybercriminals. Unlike property or life insurance, which benefit from centuries of actuarial data, cyberinsurance is a new and fast-changing field. Cyberinsurers ask potential clients about their risk exposure and security practices, but there’s often little evidence that these factors indicate whether or not a company will be targeted by cybercriminals, according to insurance providers. Some firms, including American International Group Inc. and Travelers Cos., have started to join with independent security-rating companies to get a better picture of risk

STATE CONTROL OF INTERNET

Facebook Faces a New World as Officials Rein in a Wild Web

https://www.nytimes.com/2017/09/17/technology/facebook-government-regulations.html?hpw&rref=technology&action=click&pgtype=Homepage&module=well-region&region=bottom-well&WT.nav=bottom-well Behind the scenes, Facebook is involved in high-stakes diplomatic battles across the globe that have begun fragmenting the internet itself. Facebook offered a major olive branch to Vietnam’s government. Facebook’s head of global policy management, Monika Bickert, met with a top Vietnamese official in April and pledged to remove information from the social network that violated the country’s laws. While Facebook said its policies in Vietnam have not changed, and it has a consistent process for governments to report illegal content, the Vietnamese government was specific. The social network, they have said, had agreed to help create a new communications channel with the government to prioritize Hanoi’s requests and remove what the regime considered inaccurate posts about senior leaders.

https://threatpost.com/deep-learning-passgan-tool-improves-password-guessing/128039/ Artificial intelligence and deep learning are creating into information security, and one of the early applications of those approaches has emerged and is focused on passwords. Researchers from the Stevens Institute of Technology and the New York Institute of Technology have recently published some early results from their work using Generative Adversarial Networks (GANs) to generate password guesses at a better rate than existing manual rule-generation techniques feeding existing tools such as Hashcat or John the Ripper.

https://www.wsj.com/articles/bitcoin-fugitives-gather-in-hong-kong-to-skirt-chinas-curbs-1505904418 China’s crackdown on cryptocurrencies isn’t stopping the industry’s enthusiasts from preaching their tune. Instead, it is emboldening them to find ways to circumvent the curbs. Hundreds of bitcoin traders and blockchain-technology experts gathered in Hong Kong on Sept 20 for a two-day conference originally scheduled to be held in Beijing. The recent regulatory clampdown caused the event to be moved “to lower the risks of being canceled,” according to the website of conference organizer Bitkan, a bitcoin-trading firm.